Chipotle Mexican Grill Provides Detailed Update for Data Breach

May 29, 2017, Written By Bill Hardekopf

Chipotle Mexican Grill has new information about the data breach that occurred between March 24, 2017 and April 18, 2017. The breach affected various locations at different times, and did not impact all Chipotle restaurants throughout the country.

The company first alerted customers of the breach in April, and they immediately launched an investigation. After working with law enforcement and cybersecurity experts, they determined exactly which locations were impacted by the hack and what dates those restaurants were compromised. Customers can use the store locator on the website to find out when their payment card information may have been compromised.

Hackers installed malware on point-of-sale terminals at Chipotle locations to collect data from magnetic strip cards. The malware tracked cardholder names, card numbers, expiration dates and verification codes from the cards. Chipotle has removed the malware from all affected locations and enhanced their security measures to prevent similar incidences in the future.

The restaurant is encouraging customers to report any unauthorized charges on their cards to their card issuer. No customers have reported issues yet, but hackers sometimes wait months before selling or using collected card information. Monitor your debit or credit card account regularly, and if any issue arises, you can have the charges reversed and get a new card for future transactions.



The information contained within this article was accurate as of May 29, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.